1 to 25 of 622 ISO/IEC 27001 Jobs in England

organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information … Governance : Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives and risk tolerance. Establish and enforce information security policies, procedures, and standards in accordance with ISO27001, customer requirements, relevant legislation, and application security best practices. Communication : Develop and maintain an organization-wide security culture. Build and implement a company-wide communication strategy to promote information security … posture, including application security vulnerabilities and risks, risks, and compliance status to the Trayport Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and More ❯

The Cybersecurity team, within the IT department, is responsible for information and Cybersecurity. Responsibilities include information and cybersecurity risk management, and ensuring compliance to CAA, NIS and ISO27001 standards. The team also works closely with our majority shareholders, and partners, such as retailers, ground handlers, as well as suppliers, to ensure a joined-up approach to information and cyber security. … projects, and assisting with regulatory compliance to encourage continual enhancement of our IT security environment. Key responsibilities and accountabilities: * Endpoint monitoring and analysis. * Malware analysis and forensics research. * Understanding / differentiation of intrusion attempts and false positives. * Lead investigations into security breaches, incidents, or suspicious activities and provide incident reports to stakeholders. * Enforce security policies, procedures, and guidelines for … all IT systems and operations. * Provide recommendations for improving security practices to meet evolving regulatory and organisational needs. * Vulnerability identification & mitigation / remediation. * Advise incident responders & other teams on cybersecurity threats. * Triage security events and incidents and apply containment and mitigation / remediation strategies. * Collaborate with other IT teams to ensure seamless security integration with infrastructure, applications, and More ❯

So, what's the role all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also … enhance IT controls, compliance with standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates to Cyber Essentials … disability, veteran status, gender identity, sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling) that are currently employed by More ❯

with regulatory requirements, and conducting thorough security audits.You will be part of the IT committee and work closely with the risk and compliance team.Ideally, having a background in IT / Network security, progressing into information security and cybersecurity.**Key Responsibilities:**- Develop, draught, implement, and maintain information security policies, procedures, and guidelines.- Conduct regular security audits and assessments to identify … vulnerabilities and ensure compliance with industry standards (e.g., ISO 27001).- Monitor and respond to security incidents, conducting investigations and implementing corrective actions.- Collaborate with IT and other departments to ensure the security of network infrastructure and data.- Manage risk assessments and vulnerability assessments to identify potential security threats.- Oversee the implementation of security measures such … interpersonal skills.**Preferred Qualifications:**- Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX.- Familiarity with security tools and technologies such as SIEM, DLP, and endpoint protection. CISA / CISSP / CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional;CCNA / CCNP Experience with security tools More ❯

best practices Develop and support cloud security policies and technical standards Conduct security assessments, risk analysis, and contribute to security roadmaps Collaborate with teams to integrate security into CI / CD and cloud-native applications Microsoft Security Stack Configure and manage Microsoft Defender for Cloud, Defender for Endpoint, and Sentinel Deploy Microsoft Purview for compliance and information protection Manage … Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit … regulated industries Technical Skills Deep expertise in Azure security and Microsoft Defender suite Advanced skills in Microsoft Sentinel, Purview, Intune, and Defender for Endpoint Strong experience with Entra ID / Active Directory, Conditional Access, and PIM Hands-on with PowerShell and Microsoft Graph API for security automation Familiarity with M365 security, Zero Trust models, and Microsoft Information Protection Knowledge More ❯

address, and continuously improve security control effectiveness. Oversee the management of external security assessments and ensure remediation plans are executed effectively. Maintain relevant security certifications such as Cyber Essentials / Plus and support the business in aligning with broader security frameworks (e.g., NIST CSF, CIS Controls). Awareness & Security Culture Lead internal training, briefings and onboarding sessions to build … experience in a technical security role, ideally within complex or high-risk operational environments. Practical experience with cloud platforms (e.g. AWS, Azure), endpoint protection, IAM, vulnerability management, and SIEM / logging tools. Strong understanding of cyber threats, insider risk, security engineering principles and network security. Demonstrated experience managing the response to cyber incidents. Familiar with automating tasks with Python … 27001 beneficial but not essential. Understanding of UK data protection law and its practical application within a security programme. Security certifications (e.g. CISSP, CISM, CCSP, GIAC / SANS, AWS Security Specialty, or similar) are a plus. Ability to build effective working relationships across technical and non-technical stakeholders. Strong analytical, communication, and problem-solving skills. Experience More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

This job is brought to you by Jobs / Redefined, the UK's leading over-50s age inclusive jobs board. Sonata One is a rapidly scaling, regulated fund services and technology (fintech) business. We're The Private Funds Clearinghouse, connecting more than 53,000 investors with 6,500 funds and 180 fund managers around the globe. Our vision is … from a seamless, one & done experience across the fund lifecycle (from fund selection and subscription through to settlement and reporting) underpinned by a globally compliant KYC passport and 24 / 7 support. Fund managers can raise capital faster at a lower cost from a wider pool of pre-approved investors. Founded in 2015, Sonata One has a presence in … endpoint protection, DLP, etc.). Oversee the organization's incident response and business continuity plans, including simulations and real-time responses. Conduct regular security audits and work with internal / external auditors to support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements More ❯

services, enhancing efficiency, customer experience, and digital capability. Oversee the management of IT infrastructure, cloud services, enterprise applications, and cybersecurity frameworks. Ensure compliance with regulatory standards (e.g., GDPR, ISO 27001, Cyber Essentials+) and proactively manage cyber risks. Lead digital programmes including automation, data analytics, self-service, and agile delivery models. Build and develop a high-performing … contracts, and service levels. Cybersecurity and Risk Management Lead the development and implementation of the Information Governance Framework, policies, and procedures. Ensure compliance with regulatory requirements e.g., GDPR, ISO 27001, Cyber Essentials. Proactively manage cyber risks and incident response plans Digital Transformation Drive digital programs including automation, data analytics, self-service platforms, and customer-facing technologies. … please see NHS Careers website. Employer details Employer name HMT Sancta Maria Hospital Address Unit 1 Langdon House Langdon Road Swansea West Glamorgan SA1 8QY Employer's website https: / / www.hmtsanctamaria.org / More ❯

help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and … roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS / NIS2, DORA, UK CNI / OT / IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance More ❯

and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. The role requires the ability to "lead by example" and perform line management for direct reports and manage service partners reporting … On-prem and Virtual product) Solution Life Cycle Management and removal (via decommissioning and succession planning) of technical debt. Drive a document first culture to new and legacy platforms / solutions. Oversee management of the End User Compute estate via Intune Act upon and proactively manage all estate patch management requirements (on-prem, virtual, & physical) for software, hardware, and … optimal service delivery and value for investment. Negotiate cloud service agreements, monitor SLAs, and ensure vendor compliance with security and data protection policies. Monitor, forecast and efficiency manage vendor / solution spend against defined budget. Oversee third-party SaaS solutions, ensuring they align with the organisation's cloud-first strategy and security requirements. Refine and develop external and internal More ❯

a Security Engineer or in a similar role, with deep understanding of the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection / prevention systems (IDS / IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security … certifications, such as Security+, IAT II / III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP / … social office in Shoreditch Deliveroo for working late in the office Apply for this job indicates a required field First Name Last Name Preferred First Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf More ❯

Team, DevOps, and Compliance Teams to ensure the security of our infrastructure and data. Key Responsibilities: Monitor and analyse security alerts from various tools such as WAF, SIEM, IDS / IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural … initiatives (e.g., ISO 27001, NIST, GDPR). Document incidents, procedures, and technical findings clearly and accurately. Ensure timely management and resolution of tickets, both internal / partner and third-party suppliers. Remain up to date with the latest security threats, trends, and technologies. Skill Requirements: Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security … Portfolio of products. Network Security: Understanding of TCP / IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for automating security tasks. Cloud Security: Knowledge of MS Azure. Privileged / More ❯

and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. … Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. • Oversee endpoint security, cloud network and API security … Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO More ❯

and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8 / 5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender. Role This company is seeking an experienced DevSecOps … testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI / CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident … GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com / privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London More ❯

Job Title: Cyber Security Test Analyst Location: Sheffield, UK (3 days / week Onsite) Duration: 6months+ Banking Client Experience required Job Summary: Required Experience Proven experience in software testing, preferably within Privileged Access Management (PAM) or Identity & Access Management (IAM). Experience with PAM solutions such as CyberArk, BeyondTrust, Delinea (Thycotic), or Microsoft PAM. Strong understanding of IAM principles … . Proficiency in test management tools such as JIRA Strong problem-solving skills and attention to detail. Excellent communication and collaboration skills. Desirable: Experience working within an Agile (Scrum / Kanban) environment. Knowledge of CI / CD pipelines and DevSecOps practices. Experience with Cloud security testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM … or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). Kind Regards -- Priyanka Sharma Senior Delivery Consultant Office: 02033759240 Email: psharma@vallumassociates.com More ❯

ISO 27001) as part of critical vendor performance assessment ensuring operational resilience is maintained. In collaboration with GT, manage security systems, including firewalls, intrusion detection / prevention systems, and antivirus software. In collaboration with GT, Develop and test incident response plans and coordinate responses to security incidents and breaches Raise awareness of cybersecurity issues among … bank London employees; conduct annual training / workshops to educate staff on security best practices aligned with GT. Other Duties Maintain professional and technical knowledge (Conduct Rule 2) e.g. by attending educational workshops; read professional publications; benchmarking state-of-the-art practices etc where relevant. Collaborate with stakeholders to handle backlogs and new requirements - Resolve conflicts and remove blockers … on IT related matters. Ensure work deliverables are in compliance with policies and regulatory requirements . Maintains quality service by establishing and enforcing organization standards. To act as second / third level support with GT for support related issues. To comply with all applicable FCA / PRA conduct rules. Compliance with all mandatory training as set by the More ❯

enforce security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. … team. Occasional on-call support for critical incidents. Requirements Proven experience in a cybersecurity and IT infrastructure role. Strong knowledge of Microsoft and Cisco security stack. Familiarity with SIEM / SOAR / XDR platforms and incident response frameworks. Excellent understanding of network security, firewalls, VPNs, ZTA, endpoint protection, phishing and social media platforms. Experience with hybrid environments (on More ❯

enforce security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. … team. Occasional on-call support for critical incidents. Requirements Proven experience in a cybersecurity and IT infrastructure role. Strong knowledge of Microsoft and Cisco security stack. Familiarity with SIEM / SOAR / XDR platforms and incident response frameworks. Excellent understanding of network security, firewalls, VPNs, ZTA, endpoint protection, phishing and social media platforms. Experience with hybrid environments (on More ❯

risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications / Skills Required Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. 5+ years of experience in information security, with a strong focus on risk assessment … and / or internal security audits. Demonstrated experience working with compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk management frameworks (e.g., NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and More ❯

brands, ensuring our security approaches and technology align. Cloud Security Integration: You'll work with development, DevOps, and cloud engineering teams to embed cloud security controls into our CI / CD workflows and infrastructure-as-code. Cloud Security Posture: You'll utilise cloud-native and third-party security tools to keep an eye on our cloud security posture and … mix of Linux, Windows, Apple & Android OS. Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre. Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR. Experience … operating and managing SIEM solutions, vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and / or SecOps oriented teams. A proven track record of analysing security requirements and applying architectural best practices. Previous work experience in an IT, InfoSec, or system administration role. Commercial More ❯

brands, ensuring our security approaches and technology align. Cloud Security Integration: You'll work with development, DevOps, and cloud engineering teams to embed cloud security controls into our CI / CD workflows and infrastructure-as-code. Cloud Security Posture: You'll utilise cloud-native and third-party security tools to keep an eye on our cloud security posture and … Linux, Windows, Apple & Android OS . Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience … operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and / or SecOps oriented teams . A proven track record of analysing security requirements and applying architectural best practices. Previous work experience in an IT, InfoSec, or system administration role. More ❯

product development from requirements gathering through deployment. Collaborate with developers to identify, triage, and remediate application and cloud security vulnerabilities (e.g., XSS, SSRF, CSRF, CORS, SQL Injection, broken authentication / authorization, encryption flaws). Provide expert guidance on secure coding practices, common vulnerability classes (e.g., OWASP Top 10), and threat modeling for modern web applications. Conduct security reviews of … frameworks (e.g., Django, Node.js , React). Expert-level scripting and automation skills (e.g., Python, Bash, PowerShell) for workflow automation, tooling, and log analysis. Proficient in log analysis, SIEM usage / configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially AWS … EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering for a SaaS-based company. Experience leveraging automation or AI / ML tools to improve secure development, detection, incident response, or code analysis workflows. Benefits: (US-ONLY) 100% of medical, dental, and vision covered including 75% for dependents Flexible vacation More ❯

Are you an accomplished IT Security Engineer (Application & / or Infrastructure focused) , looking to make your next move into a small team of like-minded, security focused people? Would you relish the opportunity to work with one of the UK’s leading independent Software houses , with a global footprint (but UK HQ), 500 staff & a focus on technical excellence … as CISSP, CEH, etc or equivalent are highly desirable. You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies. Mature understanding / experience with cloud security architecture (AWS, Azure) with a proven track record and work ethic that covers many platforms (Windows / Linux), to ensure optimal security posture. Proven … Excellent problem-solving and communication skills with an innate passion for security. A proactive approach to staying updated with the latest security threats, vulnerabilities, and mitigation techniques. Advantageous skills / experience: You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with More ❯

Are you an accomplished IT Security Engineer (Application & / or Infrastructure focused) , looking to make your next move into a small team of like-minded, security focused people? Would you relish the opportunity to work with one of the UK’s leading independent Software houses , with a global footprint (but UK HQ), 500 staff & a focus on technical excellence … as CISSP, CEH, etc or equivalent are highly desirable. You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies. Mature understanding / experience with cloud security architecture (AWS, Azure) with a proven track record and work ethic that covers many platforms (Windows / Linux), to ensure optimal security posture. Proven … Excellent problem-solving and communication skills with an innate passion for security. A proactive approach to staying updated with the latest security threats, vulnerabilities, and mitigation techniques. Advantageous skills / experience: You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with More ❯